Write Up – The Human Factor in Cybersecuirty

Posted by aroja003 on

Introduction BLUF 

Cyber threats regarding human activity have taken a rise in popularity. Working to effectively balance a budget that improves not only the technology to mitigate these risk but to train the right personnel to prevent these cyber threats is critical. It should be a top priority to invest in training as well as education to inform employees about the threats and cybercrime this new age faces. By investing in security and education for employees, organizations aren’t just investing and putting money towards the growth of their company, but also the security of it. With this approach, organizations will only see positive outcomes and decrease the chances of them falling victim to attacks. 

Cyber Threats  

The cyber threats regarding the human factor occur in various ways. Phishing and insider threats are among the most common ways that these threats are exploited. Have you ever received a spam email with a link attached or any sort of message containing one? Most of the time these links are made so that the user in control is able to access your computer once you fall victim to them. Examples of this would be in your spam mail or the current most common use in streaming websites. Illegal streaming websites may have links attached that contain explicit content that is meant to draw in the person on the computer. With this they can control the insights of your computer, perhaps turning it off completely or accessing personal information.  

The middleman concept is mainly used by attackers once a person is connected to a public Wi-Fi network. As explained in class, all the middleman needs are the routers IP address to manipulate the software for them to gain control. With this, the middleman is able to receive and control any messages or data that comes from your computer before you receive it. Knowing this when connecting to a public Wi-Fi whether in a coffee shop or library you should try not to log into any bank accounts or any sort of information on your computer that may contain personal or financial records of you.  

Human error 

Obviously advances in technology play a vital role in the security of your systems as an organization. The most important action when trying to upgrade your security is the training of your employees and the training they should undergo. “Time and again, it is determined that, despite all the technical efforts and security procedures, people are highly likely to expose organizations to vulnerabilities” (Cano, 2019, p 1). Unintentionally employees might fall victims of phishing attacks or fraudulent communication methods. As a result, organizations should push to increase or spend most of their funds towards the training of their employees so that the human error aspect can be mitigated as much as possible.  

Conclusion 

Balancing the budget being spent on technology and employee training is a hard circumstance to be put into. As technological support is a secure border between the cyber-attacks and the employees in control, the main issue lies between the human factor being the weak link and most likely to be exploited. Organizations must prioritize the human focus of training and respond to threats because of the vulnerabilities that might appear due to human error. In this world cyber threats are only evolving, the risk that humans pose compared to technology being exploited is only greater which is why investing in the right protocols like human error to prevent these attacks has never been clearer. 

Citations 

Cano, Esteban. “The Human Factor in Information Security.” ISACA Journal, vol. 5, 2019, www.isaca.org/resources/isaca-journal/issues/2019/volume-5/the-human-factor-in-information-security. Kirkpatrick, 200T Mod 06 – Cybercrime and Cybersecurity, https://docs.google.com/presentation/d/12RFglzRfOTfh6vV1_cjl1kYtjF22iq7Nm1dI5_IJO4s/edit#slide=id.g100fa80161d_0_6 

Leave a Reply

Your email address will not be published. Required fields are marked *